DETAILED ACTION

1. Claims 1-27 are pending.



Claim Rejections - 35 USC § 102 



2. The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 
that form the basis for the rejections under this section made in this Office action: 

(b) the invention was patented or described in a printed publication in this or a foreign country or in public 
use or on sale in this country, more than one year prior to the date of application for patent in the United 
States. 

3. Claims 1-24, 26 are rejected under 35 USC § 102(b) as being anticipated by 
Caputo, US patent 5,778,071. 

In reference to claim 1: 

Caputo discloses a method for selectively authorizing a host system to use one or more 
items of protected information, comprising the steps of: 

• Coupling the portable authorization information from a first type of information 
authority, where the first information authority is the smartcard disclosed in item 
19 of figure 1C. The data from the smartcard is formatted in Caputo(Column 10, 
lines 18-31) 

• Receiving a second item of authorization information from a second type of 
information authority, where the second type of information authority is the user 
at the keypad who enters identification information such as a PIN number. 
Caputo(Column 10, lines 32-50) This data is then transferred to the input/output 
controller. 

• Selectively authorizing the host system to use the one or more items of affected 
information based upon the first or second items of authorization information. 
Caputo(Column 10, lines 56-60) discloses that the encrypt and decrypt functions 
as part of the authentication process may be performed under control of the 
microprocessor and/or the smartcard. 

Caputo(Column 13, lines 14-24) discloses that the use of the user authentication 
information is also optional. 

In reference to claim 2: 

Caputo discloses a portable authorization device for selectively authorizing a host 
system to use one or more items of protected information comprising: 

• A processing unit; Caputo(Figure 2, Item 164) 

• A storage medium operatively coupled to the processing unit; Caputo (Figure 2, 
Item 166) 

• A first interface operative in conjunction with the processing unit and the storage 
medium for receiving a first item of authorization information from a first type of 
information authority, where the first interface is the smartcard interface and the 
first type of information authority is the smartcard. Caputo(Figure 2, Item 178) 

• A second interface operative in conjunction with the processing unit and the 
storage medium for receiving a second item of authorization information from a 
second type of information authority, where the second interface is the Modem or 
network interface. Caputo(Figure 2, Item 160) 

• A third interface operative in conjunction with the processing unit and the storage 
medium for communicating with the host system to selectively authorize the host 
system to use the one or more items of protected information based upon the 
first or second items of authorization information. Caputo(Figure 2, Item 12) 

• Wherein the portable authorization device is removably couplable to the host 
system through the third interface. Caputo(Figure 2, Item 12) & Caputo(Figure 
1A, Item 12) 

In reference to claim 3: 

Caputo discloses a device wherein: 

• The first interface comprises a direct information authority interface program. 
Caputo(Column 10, lines 24-21) 

• The first type of information authority comprises a direct information authority 
operatively coupled directly to the portable authorization device Caputo(Figure 
1C) 

• The second and third interfaces each comprise a same host system interface 
program. Caputo(column 9, lines 28-32) 

• The second type of information authority comprises an indirect information 
authority operatively coupled directly to the portable authorization device, where 
the indirect information authority is a network that is operatively coupled to the 
device. Caputo(Figure 3) 

In reference to claim 4: 

Caputo discloses a portable authorization device, wherein the indirect information 
authority comprises a computer system coupled to the host system via a network. 
Caputo(Figure 3) 

In reference to claim 5: 

Caputo discloses a portable authorization device, wherein the indirect information 
authority comprises data stored on a magnetic storage medium, where the magnetic 
storage medium may be information stored on another computer on the network. 
Caputo(Figure 3, Item 36) 

In reference to claim 6: 

Caputo discloses a portable authorization device further comprising: 

• A host authorizer operative in conjunction with the processing unit and the third 
interface for selectively authorizing the host system to use the one or more items 
of protected information based upon the first or second items of authorization 
information, 
where the network or computer is made accessible once the verification process is 
successful, and the authorizer acted in response to information from the smartcard 
and/or network and other information sources. Caputo(column 17, lines 51-56) 

In reference to claim 7: 

Caputo(column 9, lines 28-32) discloses a device wherein the host authorizer is a 
software program operatively stored in the storage unit. 

In reference to claim 8: 

Caputo discloses a device wherein: 

• The first and second items of authorization information comprise first and second 
key selectors, respectively, where the first information authority, the smartcard, 
and the second information authority, the network, both contain key selectors. 
Caputo (Column 14, lines 55-57) & (Column 17, lines 44-54) 

• The host authorizer in conjunction with the processing unit and the third interface 
operatively generates a key based upon the first or second key selectors and 
selectively authorizes the host system to use the one or more items of protected 
information based upon the key, where the host authorizer responds to the 
challenge by establishing or "generating" the right key and then returning to the 
challenger that the device possesses the right key. If verification is successful, 
the network may authorize the host system to use the items of protected 
information, the accessibility of the network, or computer software. 
Caputo(Column 17, lines 37-56) 

In reference to claim 9: 

Caputo discloses a portable authorization device, wherein: 

the first interface is configured to conduct a challenge response transaction with the first 
type of information authority, where the first information authority is the smartcard, and 
the first interface is the Item 178 of Figure 2, the smartcard interface. Caputo (Column 
17, lines 37-44) 

In reference to claim 10: 

Caputo discloses a portable authorization device wherein: 

the second interface is configured to conduct a challenge-response transaction with the 
second type of information authority, where the second interface is the network interface 
which receives the challenge from the network and the second type of information 
authority is the network. Caputo (Column 17, lines 30-35) 

In reference to claim 11: 

Caputo discloses a portable authorization device wherein: 

the third interface is configured to conduct a challenge-response transaction with the 
host system, where the third interface is the interface that communicates with the host 
system and passes an acknowledgement to the host system as part of the 
challenge-response transaction. (Column 17, lines 51-56) 

In reference to claim 12: 

Caputo discloses an authorization system for selectively authorizing a host system to 
use one or more items of protected information, comprising: 

• An access control mechanism associated with the host system for receiving a 
first item of authorization information from a first type of information authority 
operatively coupled to the host system and for forwarding the item of 
authorization information to the portable authorization device, where the host 
system receives items of authorization information from an information authority, 
or user, and the information is sent to the device. Caputo (Column 15, lines 19-24) 

• A portable authorization device removably couplable to the host system for 
receiving the first item of authorization information from the access control 
mechanism and for selectively authorizing the host system to use the one or 
more items of protected information based upon the first item of authorization 
information, where the device receives the information from host system, and the 
end result of the device is to authorize the host system to use one or more items 
of protected information, such as the transmission of encrypted data. Caputo 
(Column 15, lines 19-24) 

In reference to claim 13: 

Caputo discloses an authorization system wherein: 

• The portable authorization device is configured to also receive a second item of 
authorization information from a second type of information authority operatively 
coupled to the portable authorization device and, furthermore, is configured to 
selectively authorize the host system to use the one or more items of protected 
information based upon the first or second items of authorization information, 
where the device, referred to as "device 10" in Caputo, may additionally accept 
authorization information from a smartcard. (Caputo Figure 1C) 



In reference to claim 14: 

Caputo discloses a portable authorization device for selectively authorizing a host 
system to use one or more items of protected information, comprising: 

• A processing unit; Caputo(Figure 2, Item 164) 

• A storage medium operatively coupled to the processing unit; Caputo (Figure 2, 
Item 166) 

• A first interface operative in conjunction with the processing unit and the storage 
medium for receiving a key selector from an information authority; Caputo(Figure 
2, Item 178) where the first interface is the smartcard interface, the storage 
medium and the information authority are the smartcard, and (Column 14, lines 
52-65) discloses that the smartcard contains a key selector. 

• A host authorizer operative in conjunction with the processing unit and the 
storage medium for generating a key based upon the key selector. 
Caputo(Figure 8, Item 128) 

• A second interface operative in conjunction with the processing unit and the 
storage medium for communicating with the host system to selectively authorize 
the host system to use the one or more items of protected information based 
upon the key. Caputo (Figure 2, Item 174) 



In reference to claim 15: 

Caputo discloses a portable authorization device wherein: 

• The first interface comprises an information authority interface; Caputo(Figure 2, 
Item 178) 

• And the second interface comprises a host system interface. Caputo(Figure 2, 
Item 174) 

In reference to claim 16: 

Caputo discloses a portable authorization device for selectively authorizing a host 
system to use a plurality of items of protected information, comprising: 

• A processing unit; Caputo(Figure 2, Item 164) 

• A storage medium operatively coupled to the processing unit for storing one or 
more items of blended authorization information, each item of blended 
authorization information being derived from a plurality of items of authorization 
information, where the storage medium is the ROM/RAM and stores items of 
blended information that may be received from a network, a user, a smartcard, or 
the host computer. Caputo(Figure 2, item 166) 

• An unblending mechanism operative in conjunction with the processing unit and 
the storage medium for regenerating at least one of the plurality of items of 
authorization information from the one or more items of blended authorization 
information, where the authorization information is processed and "unblended" 
into the conceptual diagram of figure 4B, where the authorization information is 
encrypted or decrypted and where the private key may be "regenerated" when 
needed in the authorization process. Caputo(Figure 4B) 

• A host system interface operative in conjunction with the processing unit and the 
storage medium for communicating with the host system to selectively authorize 
the host system to use an item of protected information based upon the at least 
one item of authorization information Caputo(Figure 2, Item 174) 

• Wherein the portable authorization device is removably couplable to the host 
system through the host system interface. Caputo(Figure 1D, Item 12) 

In reference to claim 17: 

Caputo discloses a portable authorization device wherein: 

• Each item of blended authorization information is derived from the two or more 
items of authorization information by performing an arithmetic operation on the 
two or more items of authorization information, where the arithmetic operation is 
a modulus, and the items of authorization information are the PIN and the 
challenge received, and the blended authorization information may be the key, 
the encrypted data, encrypted using the key, or the final verification itself, which 
is also derived from two or more items of authorization information. Caputo 
(Column 17, lines 40-56) 



In reference to claim 18: 

Caputo discloses a method for operating a portable authorization device for selectively 
authorizing a host system to use one or more items of protected information comprising 
the steps of: 

• Coupling the portable authorization device to the host system; Caputo(Figure 2, 
Item 12) 

• Receiving a plurality of items of authorization information, where the items of 
authorization are the PIN, the key, and the challenge. Caputo(Column 17, Lines 
37-56) 

• Generating one or more items of blended authorization information from the 
plurality of items of authorization information, where the blended information is 
the encrypted key and PIN sent back in response to the challenge. 
Caputo(Column 17, Lines 37-56) 

• Storing the one or more items of blended authorization information in a storage 
medium, where the authorization information is stored in the memory of the 
portable authorization device. Caputo(Column 17, Lines 37-56) 

• Retrieving one or more of the items of blended authorization information from the 
storage medium. Caputo(Column 17, Lines 37-56) 

• Regenerating at least one of the plurality of items of authorization information 
from the one or more items of blended authorization information, where the 
challenger receives the information and regenerates the data by decrypting it. 
Caputo(Column 17, Lines 37-56) 

• Selectively authorizing the host system to use an item of protected information 
based upon the at least one item of authorization information. Caputo(Column 
17, Lines 37-56) 

In reference to claim 19: 

Caputo discloses a portable authorization device for selectively authorizing a host 
system to use one or more items of protected information, comprising: 

• A processing unit; Caputo(Figure 2, Item 164) 

• A first storage medium operatively coupled to the processing unit for storing one 
or more encoded items of authorization information; Caputo(Figure 2, Item 166) 

• A second storage medium operatively coupled to the processing unit for storing 
decoding information used to decode the one or more encoded items of 
authorization information, wherein the second storage medium is accessible by 
the processing unit only if the processing unit receives proper authorization; 
Caputo(Column 14, Lines 57-65) 

• A decoding mechanism operative in conjunction with the processing unit and the 
first and second storage media for decoding at least one of the one or more 
encoded items of authorization information to produce at least one respective 
item of authorization information, where the data is taken from the storage 
medium from the ROM/RAM, and the smartcard, and enters a decryption 
module, or decoding mechanism. Caputo(Figure 4A) 

• An interface operative in conjunction with the processing unit for communicating 
with the host system to selectively authorize the host system to use an item of 
protected information based upon the at least one item of authorization 
information. Caputo(Figure 2, Item 174) 



In reference to claim 20: 

Caputo discloses a portable authorization device for selectively authorizing a host 
system to use one or more items of protected information, comprising: 

• A processing unit; Caputo(Figure 2, Item 164) 

• A first storage medium operatively coupled to the processing unit for storing one 
or more encoded items of authorization information; Caputo(Figure 2, Item 166) 

• A second storage medium operatively coupled to the processing unit for storing a 
plurality of items of decoding information; Caputo(Column 14, Lines 55-57) 

• A decoding mechanism operative in conjunction with the processing unit and the 
first and second storage media for decoding at least one of the one or more 
encoded items of authorization information using a selected one of the plurality of 
items of decoding information to produce at least one respective item of 
authorization information, where the data is taken from the storage medium from 
the ROM/RAM, and the smartcard, and enters a decryption module, or decoding 
mechanism, and the respective item of authorization information is the decrypted 
data used in verification (verify data). Caputo(Figure 4A) 

• An interface operative in conjunction with the processing unit for communicating 
with the host system to selectively authorize the host system to use an item of 
protected information based upon the at least one item of authorization 
information. Caputo(Figure 2, Item 174) 

In reference to claim 21: 

Caputo discloses a portable authorization device comprising: 

• A processing unit; Caputo(Figure 2, Item 164) 

• A storage medium operatively coupled to the processing unit; Caputo(Figure 2, 
Item 166) 

• A first interface operative in conjunction with the processing unit and the storage 
medium for receiving a first item of information from a first information 
authority, where the first information authority is the smartcard interface. (Figure 
2, Item 166) 

• A second interface operative in conjunction with the processing unit and the 
storage medium for transmitting a second item of information to a second 
information authority, where the storage medium is the ROM/RAM and the 
second information authority is the network. (Figure 2, Item 160) 

In reference to claim 22: 

Caputo discloses a portable authorization device wherein: 

• The first item of information comprises an item of authorization information for 
selectively authorizing a host system to use one or more items of protected 
information, where the first item of information is the key. Caputo(Column 14, 
lines 53-57) 

• The second item of information is the same as the first item of information, where 
the second item of information is the same key as the first item of information that 
is retransmitted back onto the network in response to the challenge to verify its 
correctness. Caputo(Column 17, 44-48) 

• The portable authorization device disables or removes the item of authorization 
from therein upon transmission to the second information authority, where the 
item of authorization is "disabled" or rendered into a form in which it cannot be 
used for its intended use, by being encrypted. Caputo(Column 17, 44-48) 

In reference to claim 23: 

Caputo discloses a portable authorization device wherein: 

the second information authority is a second portable authorization device, where the 
portable authorization device is referred to as device 10, and the second device may 
incorporate all the communications security functions device 10 is connected with in a 
single portable device in accordance with the invention of Caputo(Column 15, 53-58) & 
Caputo (Column 11, lines 12-14) 

Caputo (Column 15, 53-58) refers to figure 3, where the second information authority is 
connected to the first portable authorization device through the network interface. 

In reference to claim 24: 

Caputo discloses a portable authorization device, comprising: 

• A processing unit; Caputo(Figure 2, Item 164) 

• A storage medium operatively coupled to the processing unit; Caputo(Figure 2, 
Item 166) 

• A message manager operative in conjunction with the processing unit and the 
storage medium for determining whether the portable authorization device is 
authorized to receive an item of authorization information from an information 
authority, where the message manager prompts the user for a PIN number, 
which is used in determining if the device is authorized to read the Key from the 
smartcard information authority. Caputo(Column 17, Lines 37-44) & 
Caputo(Column 14, Lines 53-61) 

• An interface operative in conjunction with the processing unit, the storage 
medium and the message manager for receiving the item of authorization 
information from the information authority if the portable authorization device is 
authorized to receive the item of authorization information. Caputo(Figure, Item 
178) 



In reference to claim 26: 

Caputo discloses a portable authorization device for selectively authorizing a host 
system to use one or more items of protected information, comprising: 

• A processing unit; Caputo(Figure 2, Item 164) 

• A storage medium operatively coupled to the processing unit; Caputo(Figure 2, 
Item 166) 

• A password manager operative in conjunction with the processing unit and the 
storage medium for determining if a predetermined password authorization 
condition is satisfied with respect to the host system and if not, obtaining and 
verifying a password entered by a user, where the password is a PIN. 
Caputo(Column 14, lines 55-65) 

• An interface operative in conjunction with the processing unit, the storage 
medium and the password manager for communicating with the host system to 
selectively authorize the host system to use the one or more items of protected 
information only if the predetermined password authorization condition is 
satisfied. Caputo(Column 17, lines 37-56) 

Claim Rejections - 35 USC § 103 

4. The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set 
forth in section 102 of this title, if the differences between the subject matter sought to be patented and 
the prior art are such that the subject matter as a whole would have been obvious at the time the 
invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made. 

5. Claims 25 and 27 are rejected over Caputo, US patent 5,778,071. 

In reference to claim 25: 

Caputo discloses a portable authorization device for selectively authorizing a host 
system to use one or more items of protected information, comprising: 

• A processing unit; Caputo(Figure 2, Item 164) 

• A storage medium operatively coupled to the processing unit for storing data. 
Caputo(Figure 2, Item 166) 

• An interface operative in conjunction with the processing unit and the storage 
medium for communicating with the host system to selectively authorize the host 
system to use a subset of the set of items of protected information. 
Caputo(Figure 2, Item 174) 

Caputo however fails to explicitly disclose that the storage medium stores a counter 
associated with a set of items of protected information, and additionally fails to disclose 
an interface that selectively authorizes the host system to use based upon the value of 
the enable field and the counter. 



The examiner takes official notice that the use of counters and enable fields as items of 
authorization information to authorize, in particular, the use of software, is well known in 
the art of Content Distribution, which frequently employs a counter, to allow access to 
content a certain number of times, and an enable field, which indicates whether access 
should be enabled or disabled. The advantage of using these is that they allow exact and 
limited access to software or content, as opposed to granting unlimited access to digital 
content, or completely restricting access. 

It would have been obvious to one of ordinary skill in the art at the time of 
invention to apply the use of a counter and an enable field to allow authorization of 
protected information, given the advantage of allowing limited access to protected 
information. 

In reference to claim 27: 

Caputo discloses a system for reconstructing a portable authorization device, 
comprising: 

• A portable authorization device that operatively stores one or more items of 
authorization information for selectively authorizing a host system to use one or 
more items of protected information. Caputo(Figure 2) 

However Caputo fails to explicitly disclose an embodiment where the reconstruction 
data is disposed on the host for reconstructing the authorization information. 

The examiner takes official notice that it is well known in the art that the host 
system which contains the information or content, from which access is being sought, 
may itself act as the authorizing authority, where the authorizing authority similarly 
contains all the authorizing information it requires of a user in order to verify the user 
without having to contact a third party authority each time. 

For example, Schull, US patent 5,509,070 discloses a system where the user 
acquires software, and then purchases the license online. Once the system installs the 
authorization information onto the host from the network, future accesses are verified by 
the host system alone. The host system "reconstructs" the data necessary to authorize 
the user, in order to be able to compare the user's authorization information with the 
accepted authorization information. 

It would have been obvious to one of ordinary skill in the art at the time of 
invention to implement the host system as challenger given the advantage of avoiding 
the overhead and use of a third party remote challenge system, thereby meeting a 
system where the reconstruction data is disposed on the host system for reconstructing 
the items of authorization information stored in the portable authorization device. 



6. Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Thomas M Ho whose telephone number is 
(703)305-8029. The examiner can normally be reached on M-F from 8:30am - 5:00pm. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Gregory A. Morse can be reached at (703)308-4789. The fax phone 
numbers for the organization where this application or proceeding is assigned are 
(703)746-7239 for regular communications and (703)746-7238 for After Final 
communications. 

Any inquiry of a general nature or relating to the status of this application or 
proceeding should be directed to the receptionist whose telephone number is 
(703)306-5484. 



Conclusion 



TMH 




October 24th, 2003 

TECHNOLOGY CENTER 2100 